Cisco Community
English
Register
We're here for you! LEARN about free offerings and business continuity best practices during the COVID-19 pandemic
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
1036
Views
0
Helpful
0
Replies
George Mason
George Mason Beginner
Beginner
‎03-04-2013 08:27 AM
‎03-04-2013 08:27 AM

Implement per VPN QoS/shaping on ASA

Hi,

I'm trying to implement a solution where voice traffic to a bunch of remote sites is given priority over other general traffic. The sites are all connected via different grades of DSL and serial links, they all have different bandwidth characteristics. They all have a static VPN back to the ASA at the head office. The head office connection is a leased line and therefore has more bandwidth than all of the remote sites.

I have been reading about class-map and policy-map commands but as far as I can see, I can't use them because:

#1 in order to implement QoS, I first have to be queuing the traffic on the ASA, which means implementing shaping, and if I do that then...

#2 since the policy map is installed on the outside interface, any shaping I do will affect all traffic through that interface, not just to the VPN end points

What I think I need to do is have different policy maps for each tunnel group - but can't see a way to do that.

Grateful to anyone who can fault my logic as am sure I'm missing something obvious.

Thanks

George

1 person had this problem
0 Helpful
Reply
Latest Contents
Downloadable Redirect ACL with ISE
Created by howon on 03-27-2020 02:33 PM
0
5
0
5
Create redirect ACLFind out external ACL name: Method 1 using redirect ACL as dACL to reveal the nameFind out external ACL name: Method 2 using configuration change alarmCreate CWA authorization profileResult If you have ever configured central web authe... view more
What's New in CDO?
Created by Andrew Mallio on 03-27-2020 02:29 PM
0
5
0
5
Hello!   Cisco Defense Orchestrator (CDO) is a cloud-based multi-device manager that can manage security products like the Adaptive Security Appliance (ASA), the Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.&nb... view more
Episode 57 - Maximizing AnyConnect Performance During the CO...
Created by Kevin Klous on 03-27-2020 07:34 AM
1
10
1
10
Show Name: Maximizing AnyConnect Performance During the COVID-19 Pandemic Contributors: Kevin Klous, Security Technical Leader, Cisco Shannon Wellington, Technical Consulting Engineer, Cisco Jay Young, Security Technical Leader, Cisco Wen Zhang, Securit... view more
Backup Cloud Email Security Appliance
Created by lilianamartinez on 03-23-2020 08:37 PM
0
0
0
0
Hello,  Im't triying to get a backup from my ESA and SMA but I get "You are not in the correct access group to use the saveconfig command." log when I try via CLI with "showconfig, saveconfig or mailconfig" I tried in cluster mode, group mode an... view more
AnyConnect Split Tunneling (Local Lan Access, Split Tunnelin...
Created by pcarco on 03-23-2020 06:27 PM
3
25
3
25
 This article was created due to the COVID-19 pandemic •Customers are increasing AnyConnect licenses to allow a surge of AnyConnect sessions to their current headend ASA/Firepower.•If using only existing hardware they are limited to the max... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
Spotlight Awards- February 2020

Follow our Social Media Channels